In a computer environment, access to a transaction (e.g., obtaining secret data kept on a computer, ordering a good or service via the computer, or accessing funds at an automatic teller machine (ATM) or point of sale (POS)) is usually protected by a personal identification number (PIN), a password, or other access code. When the user wishes to conduct the transaction, he types in his access code, and is allowed access (e.g., via an access control module) if the entered value correctly matches a stored value. A typical piece of data that is protected in such way is a user's private key, which can constitute a user's identity over the Internet or some other system that uses public key cryptography for user identification. If the attacker can get access to this private key, he can impersonate the user, read information intended to be private to the user, and conduct still other electronic transactions in the user's name.
An attacker might physically gain access to the user's computer physically, or do so electronically by loading a virus onto the user's computer. In either case, the attacker can then install a program that collects, and saves to a file, all the keystrokes that the user types on his keyboard. This file can be retrieved later, either via physical access to the machine or over a network, allowing the attacker to deduce the access code by examining the user's keystrokes. Besides keyboard entry, the access code could also be inputted by selecting, via a mouse, digits or letters (more generally, characters) from a predetermined pattern of user-selectable fields (e.g., a visual representation of a telephone, typewriter, or calculator keypad) displayed on a graphical user interface (GUI). In this scenario, the attacker could obtain information about the access code by capturing the locations (e.g., x- and y- coordinates) of mouse clicks and using them to deduce the characters indicated--since the locations of all possible characters on the interface occur in a known and fixed pattern (e.g., on a telephone-style keypad: Row 1=1, 2, 3; Row 2=4, 5, 6; Row 3=7, 8, 9; and Row 4=*, 0, #).
Even where the locations of all the alphanumeric characters are not known, an attacker could still deduce the access code when an initial state of the character fields is known. For example, consider simulating and displaying an in-line combination lock having an initial state of 0-0-0. The user then uses mouse clicks to turn the wheels (tumblers, rings, etc.) of the lock to input his access code. When the digits of the proper combination are all aligned in their proper positions, the lock "opens" (i.e., grants the user access to the desired transaction). An attacker knowing the initial state and the history of the mouse clicks could determine the access code by using the history as an offset from the initial state.
All of the foregoing shows that there is a need for protecting a user's PIN, password, or other access code, from disclosure to an attacker who, directly or indirectly, obtains the sequence of characters inputted by a user to gain access to a transaction.